<?php 
require_once(dirname(__FILE__)."./../comm/config.php");
require_once(dirname(__FILE__)."./../comm/utils.php");

class qq_callback{
	
	function qq()
	{
	    //debug
	    //print_r($_REQUEST);
		//print_r($_REQUEST);
	    if($_REQUEST['state'] == $_SESSION['state']) //csrf
	    {
			
	        $token_url = "https://graph.qq.com/oauth2.0/token?grant_type=authorization_code&"
	            . "client_id=" . $_SESSION["appid"]. "&redirect_uri=" . urlencode($_SESSION["callback"])
	            . "&client_secret=" . $_SESSION["appkey"]. "&code=" . $_REQUEST["code"];
	
	        $response = get_url_contents($token_url);
	        if (strpos($response, "callback") !== false)
	        {
	            $lpos = strpos($response, "(");
	            $rpos = strrpos($response, ")");
	            $response  = substr($response, $lpos + 1, $rpos - $lpos -1);
	            $msg = json_decode($response);
	            if (isset($msg->error))
	            {
	                echo "<h3>error:</h3>" . $msg->error;
	                echo "<h3>msg  :</h3>" . $msg->error_description;
	                exit;
	            }
	        }
	
	        $params = array();
	        parse_str($response, $params);
	
	        //debug
	        //print_r($params);
	
	        //set access token to session
	        $_SESSION["access_token"] = $params["access_token"];
	
	        return true;
	    }
	    else 
	    {
	    	return "状态不匹配. 您可能是跨站请求伪造的受害者.请尝试重新登陆";
	    }
	}
	
	function get_openid()
	{
	    $graph_url = "https://graph.qq.com/oauth2.0/me?access_token=" 
	        . $_SESSION['access_token'];
	
	    $str  = get_url_contents($graph_url);
	    if (strpos($str, "callback") !== false)
	    {
	        $lpos = strpos($str, "(");
	        $rpos = strrpos($str, ")");
	        $str  = substr($str, $lpos + 1, $rpos - $lpos -1);
	    }
	    $user = json_decode($str);
	    if (isset($user->error))
	    {
	        echo "<h3>error:</h3>" . $user->error;
	        echo "<h3>msg  :</h3>" . $user->error_description;
	        exit;
	    }
	
	    //debug
	    //echo("Hello " . $user->openid);
	
	    //set openid to session
	    $_SESSION["openid"] = $user->openid;
	}
	
	
	function get_user_info()
	{
	    $graph_url = "https://graph.qq.com/user/get_user_info?access_token=" 
	        . $_SESSION['access_token']."&oauth_consumer_key=".$_SESSION['appid']."&openid=".$_SESSION['openid']."&format=json";
	
	    $str  = get_url_contents($graph_url);
	    if (strpos($str, "callback") !== false)
	    {
	        $lpos = strpos($str, "(");
	        $rpos = strrpos($str, ")");
	        $str  = substr($str, $lpos + 1, $rpos - $lpos -1);
	    }
	    $user = json_decode($str);
	    if (isset($user->error))
	    {
	        echo "<h3>error:</h3>" . $user->error;
	        echo "<h3>msg  :</h3>" . $user->error_description;
	        exit;
	    }
	
	    //debug
	    //echo("Hello " . $user->openid);
	    //set openid to session
	    return $user;
	}
}
?>
